WBONO0000483
WBON0000483
From:
To:
Ce: "Gribben, Jonathan’
"pete.newsome __
Subject: RE: Private & Confident jal : : Subjec (0 Legal
Date: Thu, 29 Jun 2017 07:50:38 +0000
Importance: Normal
Inline-Images: image001.png
Mark,
Apologies for the delay in responding to this request but I felt I needed to check out the position in some
detail; below is my understanding of the facts.
As the BRDB is configured it would be possible for the audit of access to the BRDB to be switched off by a
DBA with sufficient privilege but it would be necessary to take the Database down and then bring it up again
for the configuration change to take effect. It follows that in order for auditing to be switched off and then
back on again the database would have to be bounced twice. Given that Oracle allows for auditing to be
switched off there is no obvious way to avoid this possibility beyond having processes in place to prevent it
happening, as we do.
Prior to the upgrade to the current version of Oracle it would have been possible to switch off the audit and
switch it back on again without needing to ‘bounce’ the database. In this event I would expect the audit trail
to include the logoff event for whoever had switched the audit back on again, so I think the situation is, in
practice, no different from a scenario previously discussed whereby a user with sufficient privilege could
delete records from the audit trail.
Talso need to reiterate my view that there is no evidence that anyone has ever actually manipulated any audit
records.
Regards etc.
Torstein
GRO
P; Westbrook, Mark (UK - Manchester)
; Newsome, Pete
Subject: Private & Confidential
Importance: High
Subject to Legal Privilege - Audit Logs
WBD_000353.000001
WBONO0000483
WBON0000483
Hi Torstein,
Have you managed to establish, definitively, whether it is possible to delete / switch off the privileged user
audit log without breaking the application?
Many thanks
Mark
° Mark Underwood
Head of Portfolio: Legal, Risk & Governance
Ground Floor
20 Finsbury Street
2017 Winner of the 1°70" £°7Y 942
Global Postal
Award for
Customer
Experience
Mobile numbers
AE SIE SISSIES ICICISI OI SIGE ICI SIO ICICI A ICR ACAI KAI A A aR ACA I ok AAR EA oR A A a a a a
This email and any attachments are confidential and intended for the addressee only. If you are not the
named recipient, you must not use, disclose, reproduce, copy or distribute the contents of this
communication. If you have received this in error, please contact the sender by reply email and then delete
this email from your system. Any views or opinions expressed within this email are solely those of the
sender, unless otherwise specifically stated.
POST OFFICE LIMITED is registered in England and Wales no 2154540. Registered Office: Finsbury
Dials, 20 Finsbury Street, London EC2Y 9AQ.
Js ESI SIS EIS ESO EE IC ES AEGIS GE CCIEIG GIGI RIG AGI AACA ICAI A ACAI a aa ok
Unless otherwise stated, this email has been sent from Fujitsu Services Limited (registered in England No
96056); Fujitsu EMEA PLC (registered in England No 2216100) both with registered offices at: 22 Baker
Street, London W1U 3BW; PFU (EMEA) Limited, (registered in England No 1578652) and Fujitsu
Laboratories of Europe Limited (registered in England No. 4153469) both with registered offices at: Hayes
Park Central, Hayes End Road, Hayes, Middlesex, UB4 8FE.
This email is only for the use of its intended recipient. Its contents are subject to a duty of confidence and
may be privileged. Fujitsu does not guarantee that this email has not been intercepted and amended or that it
is virus-free.
WBD_000353.000002